mybodyisasewer
GLP-1 Enthusiast
It has become painfully clear to me that a lot of new people here are way out of their depth and have no concept of opsec. So I'm writing this schizo post.
I was around for SR1.0 RCs (take my username literally) so the fact that I'm not incarcerated should tell you that I know what I'm doing.
I see so many people buy their bitcoin on some clearnet KYC exchange like Coinbase, and send it straight to the vendor. This is insanity. The blockchain is open, your BTC address isn't a secret, and if the vendor's address is ever discovered, you are permanently and forever linked to them.
Tons of people have lost their crypto accounts for sending funds to gambling sites, peptide sites, foriegn governments, donating to the wrong cause, and whatever else they disapprove of. Would you write a check to your drug dealer? Don't do this.
Make a Kraken account, buy XMR, send that to a non-custodial wallet, such as Cake Wallet. Cake will allow you to exchange the XMR for BTC. Whose BTC are you getting? Doesn't matter, you're paying a sketchy foreign agent, it's for the best. Decentralized exchanges are the best tool available for destroying the forensic trail between you and the vendor.
If you have trouble using Kraken as an onramp, use any exchage of your choice to get crypto and transfer it to Kraken to get the XMR. Kraken is the only exchange I know of that supports this currency, as there is a lot of pressure to delist XMR because of what I'm about to explain.
XMR has not been cracked. Despite the FUD, the US government's bounty on XMR was never claimed. This breaks the traceable chain from your custodial clearnet funds to BTC that has never touched anything with your name on it.
Obviously, vendors should be taking XMR directly, but they haven't quite caught up to the DNMs, which typically REQUIRE payment in XMR. So we're just using it to create a forensic gap between you and the funds that reach the vendor. And if you think XMR is for criminals, fine, but I've seen a $20 treasury note do things you wouldn't believe, so let's try to have consistent standards.
If you are worried about the security of running your own wallet with a seed phrase and everything, do not keep any more money in there than you need for a single purchase.
However, it is beneficial to get your crypto off the exchnage as fast as possible. This gives you plausible deniability if they ever come at you for capital gains. You can say you sold immediately at the buy price, leaving them to prove how long you held the asset. If you do this right, they won't. Also we want to keep our taxes as simple as possible. Bringing your 1099-B to H&R Block so they can work out your pittance of capital gains tax is just rude and pointless. They will hate you for this and it will cost you extra for the return prep.
Use a VPN for everything. Obviously the exchange has KYC on you, but don't give them anything more than that. Broadcasting a transaction from your personal IP address is an unnecessary risk. You want your IP associated with as little as possible. Proton VPN and PIA are solid choices if you wanted a lead on that. They don't log, and their data has yet to be seen in any unsealed warrants.
Also, rememeber the basics. Use a password for your phone, not a pin, not biometric. Do not tell people you have crypto, they will immediately and correctly assume you are a criminal. Never unlock your phone for law enforcement. Cellebrite and Graykey do not work as well as advertised. I have been in a position to see a large enough sample size and that's all I'm saying.
Ideally, you wouldn't even use a phone for this, but a laptop running a linux live distro like TAILS. This depends on your risk tolerance and threat models.
Read off the addresses when you send. Just the first and last characters. A popular cyber attack is to compromise the clipboard and have you paste the attacker's receiving address when you send.
To recap:
Kraken XMR -> Cake wallet -> swap to BTC
Use a VPN.
Write down your seed somewhere, or don't, it's just a temporary parking spot for your next purchase, right?
Stop screwing around with solana and usdt and paypal and all that noise. It is horrifying to see people buying this stuff using an American KYC service. This is how you get blacklisted from paypal. Stripe, Square, Venmo, Cashapp and all these other services are NOT YOUR FRIEND and they will snitch you out and close your account at the first sign of anything illegitimate. These financial institutions are so heavily regulated that they are essentially organs of the very state that is oppressing us. Stop trusting them!
Always assume your that exchange, bank, postman, and dentist are conspiring to build a case on you. Give them nothing to work with, get your coins off the exchange and swap them that same day. Say nothing to anyone. And if you are ever cornered for any reason, remember the magic words: I want a lawyer.
You never know when permissible actions today will come back at you in the future, ex post facto is not the shield you might think it is. If you want more info, look up the DNM bible. I'll certainly answer questions here or defend my position if someone else has a different doctrine.
Security doesn't have to be onerous or difficult, but there's a lot to learn if you're going to do it right.
I was around for SR1.0 RCs (take my username literally) so the fact that I'm not incarcerated should tell you that I know what I'm doing.
I see so many people buy their bitcoin on some clearnet KYC exchange like Coinbase, and send it straight to the vendor. This is insanity. The blockchain is open, your BTC address isn't a secret, and if the vendor's address is ever discovered, you are permanently and forever linked to them.
Tons of people have lost their crypto accounts for sending funds to gambling sites, peptide sites, foriegn governments, donating to the wrong cause, and whatever else they disapprove of. Would you write a check to your drug dealer? Don't do this.
Make a Kraken account, buy XMR, send that to a non-custodial wallet, such as Cake Wallet. Cake will allow you to exchange the XMR for BTC. Whose BTC are you getting? Doesn't matter, you're paying a sketchy foreign agent, it's for the best. Decentralized exchanges are the best tool available for destroying the forensic trail between you and the vendor.
If you have trouble using Kraken as an onramp, use any exchage of your choice to get crypto and transfer it to Kraken to get the XMR. Kraken is the only exchange I know of that supports this currency, as there is a lot of pressure to delist XMR because of what I'm about to explain.
XMR has not been cracked. Despite the FUD, the US government's bounty on XMR was never claimed. This breaks the traceable chain from your custodial clearnet funds to BTC that has never touched anything with your name on it.
Obviously, vendors should be taking XMR directly, but they haven't quite caught up to the DNMs, which typically REQUIRE payment in XMR. So we're just using it to create a forensic gap between you and the funds that reach the vendor. And if you think XMR is for criminals, fine, but I've seen a $20 treasury note do things you wouldn't believe, so let's try to have consistent standards.
If you are worried about the security of running your own wallet with a seed phrase and everything, do not keep any more money in there than you need for a single purchase.
However, it is beneficial to get your crypto off the exchnage as fast as possible. This gives you plausible deniability if they ever come at you for capital gains. You can say you sold immediately at the buy price, leaving them to prove how long you held the asset. If you do this right, they won't. Also we want to keep our taxes as simple as possible. Bringing your 1099-B to H&R Block so they can work out your pittance of capital gains tax is just rude and pointless. They will hate you for this and it will cost you extra for the return prep.
Use a VPN for everything. Obviously the exchange has KYC on you, but don't give them anything more than that. Broadcasting a transaction from your personal IP address is an unnecessary risk. You want your IP associated with as little as possible. Proton VPN and PIA are solid choices if you wanted a lead on that. They don't log, and their data has yet to be seen in any unsealed warrants.
Also, rememeber the basics. Use a password for your phone, not a pin, not biometric. Do not tell people you have crypto, they will immediately and correctly assume you are a criminal. Never unlock your phone for law enforcement. Cellebrite and Graykey do not work as well as advertised. I have been in a position to see a large enough sample size and that's all I'm saying.
Ideally, you wouldn't even use a phone for this, but a laptop running a linux live distro like TAILS. This depends on your risk tolerance and threat models.
Read off the addresses when you send. Just the first and last characters. A popular cyber attack is to compromise the clipboard and have you paste the attacker's receiving address when you send.
To recap:
Kraken XMR -> Cake wallet -> swap to BTC
Use a VPN.
Write down your seed somewhere, or don't, it's just a temporary parking spot for your next purchase, right?
Stop screwing around with solana and usdt and paypal and all that noise. It is horrifying to see people buying this stuff using an American KYC service. This is how you get blacklisted from paypal. Stripe, Square, Venmo, Cashapp and all these other services are NOT YOUR FRIEND and they will snitch you out and close your account at the first sign of anything illegitimate. These financial institutions are so heavily regulated that they are essentially organs of the very state that is oppressing us. Stop trusting them!
Always assume your that exchange, bank, postman, and dentist are conspiring to build a case on you. Give them nothing to work with, get your coins off the exchange and swap them that same day. Say nothing to anyone. And if you are ever cornered for any reason, remember the magic words: I want a lawyer.
You never know when permissible actions today will come back at you in the future, ex post facto is not the shield you might think it is. If you want more info, look up the DNM bible. I'll certainly answer questions here or defend my position if someone else has a different doctrine.
Security doesn't have to be onerous or difficult, but there's a lot to learn if you're going to do it right.
